global
    log         127.0.0.1 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    stats socket /var/lib/haproxy/stats

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

listen admin_stats
        stats   enable
        bind    *:888
        mode    http
        option  httplog
        log     global
        maxconn 10
        stats   refresh 30s
        stats   uri /status
        stats   realm haproxy
        stats   auth admin:admin
        stats   hide-version
    #    stats   admin if TRUE

listen apiserver
    bind 0.0.0.0:{{apiserver_proxy_port}}
    mode tcp
{% for host in groups['kubernetes-masters'] %}
    server {{ host }} {{ host }}:6443 check
{% endfor %}